Install jx3 on existing EKS cluster about jx3-terraform-eks HOT 25 CLOSED

The docs in the terraform module should have all the information: https://github.com/jenkins-x/terraform-aws-eks-jx

from jx3-terraform-eks.

FWIW this is what I have:

module "jx" {
  source                         = "jenkins-x/eks-jx/aws"
  version                        = "1.15.37"
  region                         = var.region
  use_vault                      = var.use_vault
  cluster_name                   = var.cluster_name
  is_jx2                         = var.is_jx2
  create_eks                     = var.create_eks
  create_vpc                     = var.create_vpc
  jx_git_url                     = var.jx_git_url
  jx_bot_username                = var.jx_bot_username
  jx_bot_token                   = var.jx_bot_token
  force_destroy                  = var.force_destroy
  create_autoscaler_role         = var.create_autoscaler_role
  create_tekton_role             = var.create_tekton_role
  create_and_configure_subdomain = var.create_and_configure_subdomain
  apex_domain                    = var.apex_domain
  subdomain                      = var.subdomain
  manage_apex_domain             = var.manage_apex_domain
  manage_subdomain               = var.manage_subdomain
  cluster_version                = var.cluster_version
  nginx_chart_version            = "3.12.0"
}

EDIT: use the latest version of the eks-jx module, I believe issues with external secrets are fixed in there.

from jx3-terraform-eks.

what value do u have for create_eks? Are they set to false?
Can you post the main.tf and variables.tf file?

from jx3-terraform-eks.

hi @tushae01 thank you

That issue has been solved. But I think I faced that because of multiple applying the stack I guess. And because I'm running on 1.21 so there was a few issues with latest version.

Thanks!

from jx3-terraform-eks.

https://github.com/jenkins-x/terraform-aws-eks-jx/tree/master/examples/existing-cluster -> See this. You may need to change few things, but I have been using this setting for months now at my company.

from jx3-terraform-eks.

thank @ankitm123 for quick answer, let me try that

from jx3-terraform-eks.

thank @ankitm123 I can run it now. But I see that even I set create_eks = false, the log file is showing that it will create the cluster

# module.eks.aws_eks_cluster.this[0] will be created
  + resource "aws_eks_cluster" "this" {
      + arn                   = (known after apply)
      + certificate_authority = (known after apply)
      + created_at            = (known after apply)
      + endpoint              = (known after apply)
      + id                    = (known after apply)
      + identity              = (known after apply)
      + name                  = "GOLFTEC"
      + platform_version      = (known after apply)
      + role_arn              = (known after apply)
      + status                = (known after apply)
      + tags_all              = (known after apply)
      + version               = "1.18"

      + kubernetes_network_config {
          + service_ipv4_cidr = (known after apply)
        }

      + timeouts {
          + create = "30m"
          + delete = "15m"
        }

      + vpc_config {
          + cluster_security_group_id = (known after apply)
          + endpoint_private_access   = false
          + endpoint_public_access    = true
          + public_access_cidrs       = [
              + "0.0.0.0/0",
            ]
          + security_group_ids        = (known after apply)
          + subnet_ids                = (known after apply)
          + vpc_id                    = (known after apply)
        }
    }

It happens that VPC and Worker Group will be created as well.
Please help to correct if I miss any

Thanks!

from jx3-terraform-eks.

variables.txt
main.txt

@ankitm123 those are the file I'm using

thanks!

from jx3-terraform-eks.

ok, I see the confusion. You dont need anything above line 138, the example was to demonstrate that if there is a VPC created before hand, and an eks cluster was created inside it, we can still install jx inside that eks cluster. To test that example, I needed to create a vpc and eks cluster some how, so I created it in that file. You just need stuff from line 139 (Just the module "eks-jx" part). And then you can trim the variables.tf file.

from jx3-terraform-eks.

thank @ankitm123 so I'm going to use main.tf like below

// The VPC and EKS resources have been created, just install the cloud resources required by jx
module "jx" {
  source                         = "jenkins-x/eks-jx/aws"
  version                        = "1.15.38"
  region                         = var.region
  use_vault                      = false
  cluster_name                   = var.cluster_name
  is_jx2                         = true
  create_eks                     = false
  create_vpc                     = false
  jx_git_url                     = var.jx_git_url
  jx_bot_username                = var.jx_bot_username
  jx_bot_token                   = var.jx_bot_token
  force_destroy                  = var.force_destroy
  cluster_version                = var.cluster_version
  nginx_chart_version            = "3.12.0"
}

from jx3-terraform-eks.

Yes imo. Also please use the latest version of the eks-jx module.: https://github.com/jenkins-x/terraform-aws-eks-jx/releases

from jx3-terraform-eks.

thank @ankitm123 there are no such creations anymore. But sorry, could you please help to send me these variables part in variables.tf?

create_autoscaler_role         = var.create_autoscaler_role
create_tekton_role             = var.create_tekton_role
create_and_configure_subdomain = var.create_and_configure_subdomain
apex_domain                    = var.apex_domain
subdomain                      = var.subdomain
manage_apex_domain             = var.manage_apex_domain
manage_subdomain               = var.manage_subdomain

from jx3-terraform-eks.

thank @ankitm123 I got it

from jx3-terraform-eks.

@ankitm123 I applied the plan, but there are just some AWS resources are created. I have not seen any deployment or service for Jenkins. Do I miss any param?

Thanks!

from jx3-terraform-eks.

Can you post the output from terraform plan, hard to say without looking at one? Also need to set use_vault to true, unless u have another secret storage configured.

from jx3-terraform-eks.

@ankitm123 please help to take a look

from jx3-terraform-eks.

looks ok to me, but u need vault set up, use_vault = true should do it.

from jx3-terraform-eks.

Also the next steps are documented here: https://github.com/jx3-gitops-repositories/jx3-terraform-eks#getting-started. You should have a cluster git repo and all that ...

from jx3-terraform-eks.

I did all of those steps @ankitm123.

from jx3-terraform-eks.

I dont see any vault in the output is missing vault, if u set it to true, and did an apply again, u can use jx admin log to see if everything succeeded. You should also configure a domain/subdomain, there are variables for that, so that you can have webhooks and dashboard set up. In the end, try jx project import to import repos into JX.

from jx3-terraform-eks.

thank @ankitm123 I got this error

MountVolume.SetUp failed for volume "secrets-git" : secrets "tekton-git" not found
Before that I have not disabled tekton, then I just enabled and applied again. Should I destroy and apply?

from jx3-terraform-eks.

it seems there is a problem when initializing vault. I got this error

core: security barrier not initialized

EDIT: Vault can start without above error, but I got below error
http: TLS handshake error from

from jx3-terraform-eks.

as a heads, I'm having issues with missing secrets and configmaps when trying to install on an existing cluster this week, but it did work for me previously... this was my main.tf (eks cluster is 1.19)-
module "eks-jx" {
source = "github.com/jenkins-x/terraform-aws-eks-jx?ref=v1.15.12"
cluster_name = var.cluster_name
cluster_version = var.cluster_version
region = var.region
vault_user = var.vault_user
use_vault = true
use_asm = false
is_jx2 = false
create_eks = false // Skip EKS creation
create_vpc = false // skip VPC creation
jx_git_url = var.jx_git_url
jx_bot_username = var.jx_bot_username
jx_bot_token = var.jx_bot_token
force_destroy = var.force_destroy
install_kuberhealthy = var.install_kuberhealthy
}

from jx3-terraform-eks.

Change
source = "github.com/jenkins-x/terraform-aws-eks-jx?ref=v1.15.12"

to
source = "github.com/jenkins-x/terraform-aws-eks-jx"

from jx3-terraform-eks.

/close
closing this as the main issue was solved, feel free to re-open or open another issue if there are other issues.

from jx3-terraform-eks.